From 22e3fd1708943a240e7cc907d47fe59a67122025 Mon Sep 17 00:00:00 2001 From: Yaroslav Halchenko Date: Fri, 19 Aug 2005 08:40:09 +0000 Subject: [PATCH] added findtime configuration parameter --- config/fail2ban.conf.default | 12 +++++++++--- debian/changelog | 4 +++- fail2ban.py | 22 +++++++++++----------- 3 files changed, 23 insertions(+), 15 deletions(-) diff --git a/config/fail2ban.conf.default b/config/fail2ban.conf.default index ee2a3485..fa25a57b 100644 --- a/config/fail2ban.conf.default +++ b/config/fail2ban.conf.default @@ -24,12 +24,12 @@ debug = false logtargets = /var/log/fail2ban.log # Option: syslog-target -# Notes.: where to find syslog facility if logtarget SYSLOG +# Notes.: where to find syslog facility if logtarget SYSLOG. # Values: file(socket) hostname hostname:port Default: /dev/log syslog-target = /dev/log # Option: syslog-facility -# Notes.: which syslog facility to use if logtarget SYSLOG +# Notes.: which syslog facility to use if logtarget SYSLOG. # Values: NUM Default: 1 syslog-facility = 1 @@ -51,6 +51,12 @@ maxretry = 5 # bantime = 600 +# Option: findtime +# Notes.: lifetime in seconds of a "failed" log entry. +# Values: NUM Default: 600 +# +findtime = 600 + # Option: ignoreip # Notes.: space separated list of IP's to be ignored by fail2ban. # You can use CIDR mask in order to specify a range. @@ -69,7 +75,7 @@ ignoreip = 192.168.0.0/16 cmdstart = # Option: cmdend -# Notes.: command executed once at the end of Fail2Ban +# Notes.: command executed once at the end of Fail2Ban. # Values: CMD Default: # cmdend = diff --git a/debian/changelog b/debian/changelog index b7a00b5c..fa309590 100644 --- a/debian/changelog +++ b/debian/changelog 
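Review bot: The comment added for `findtime` in the hunk at `@@ -51,6 +51,12 @@` does not say how the value relates to `maxretry`, which is what an operator tuning the ban threshold needs to know. In the fail2ban.py part of this patch the value is passed to `LogReader` in the position that used to hold `banTime`, so it is presumably the window within which `maxretry` failures must fall. I would word it as `# Notes.: time window in seconds; a "failed" log entry older than this no longer counts towards maxretry.` and confirm that against LogReader, which is not shown here.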
@@ -6,8 +6,10 @@ fail2ban (0.5.2-3) unstable; urgency=low from syslog branch) (closes: #323543) * Included upstream README and TODO * Mentioned in README.Debian that apache section is disabled by default - * Adjusted man pages to cross-reference each other (closes: #323840) + * Adjusted man pages to cross-reference each other * Moved fail2ban man page under section 8 as in upstream + * Introduced findtime configuration variable to control the lifetime + of caught "failed" log entries (closes: #323840) -- Yaroslav Halchenko Tue, 16 Aug 2005 11:23:28 -1000 diff --git a/fail2ban.py b/fail2ban.py index c9f4e2a4..c7a7806e 100755 --- a/fail2ban.py +++ b/fail2ban.py @@ -15,6 +15,7 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # Author: Cyril Jaquier +# Modified by: Yaroslav Halchenko (SYSLOG, findtime) # # $Revision: 1.20.2.13 $ @@ -181,6 +182,7 @@ def main(): ["str", "pidlock", "/var/run/fail2ban.pid"], ["int", "maxretry", 3], ["int", "bantime", 600], + ["int", "findtime", 600], ["str", "ignoreip", ""], ["int", "polltime", 1], ["str", "cmdstart", ""], @@ -292,6 +294,9 @@ def main(): # bantime option banTime = conf["bantime"] + + # findtime option + findTime = conf["findtime"] # Checks for root user. This is necessary because log files # are owned by root and firewall needs root access. @@ -310,6 +315,7 @@ def main(): logSys.debug("ConfFile is " + conf["conffile"]) logSys.debug("BanTime is " + `conf["bantime"]`) + logSys.debug("FindTime is " + `conf["findtime"]`) logSys.debug("retryAllowed is " + `conf["maxretry"]`) # Options @@ -335,8 +341,9 @@ def main(): # Options optionValues = (["bool", "enabled", False], ["str", "logfile", "/dev/null"], - ["int", "maxretry", None], - ["int", "bantime", None], + ["int", "maxretry", maxretry], + ["int", "bantime", bantime], + ["int", "findtime", findtime], ["str", "timeregex", ""], ["str", "timepattern", ""], ["str", "failregex", ""], 
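Review bot: In the hunk at `@@ -335,8 +341,9 @@` the new per-section defaults are the bare lowercase names `maxretry`, `bantime` and `findtime`, while the locals visible in this patch are `banTime` and `findTime` (plus `maxRetry` in the removed lines of the last hunk). Unless the lowercase names are bound somewhere outside these hunks, building `optionValues` raises NameError and main() stops before any log reader is created, so no banning takes place. Reading the values that were already parsed avoids this: `["int", "maxretry", conf["maxretry"]],`, `["int", "bantime", conf["bantime"]],` and `["int", "findtime", conf["findtime"]],`. With that change the `findTime = conf["findtime"]` assignment added at `@@ -292,6 +294,9 @@` has no reader in the visible code and can be dropped. main() begins and ends outside these hunks.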
@@ -349,19 +356,12 @@ def main(): for t in confReader.getSections(): l = confReader.getLogOptions(t, optionValues) if l["enabled"]: - # Override maxretry option - if not l["maxretry"] == None: - maxRetry = l["maxretry"] - - # Override bantime option - if not l["bantime"] == None: - banTime = l["bantime"] # Creates a logreader object lObj = LogReader(l["logfile"], l["timeregex"], l["timepattern"], - l["failregex"], maxRetry, banTime) + l["failregex"], l["maxretry"], l["findtime"]) # Creates a firewall object - fObj = Firewall(l["fwban"], l["fwunban"], banTime) + fObj = Firewall(l["fwban"], l["fwunban"], l["bantime"]) # Links them into a list. I'm not really happy # with this :/ logFwList.append([t, lObj, fObj, dict(), l])
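Review bot: `l["maxretry"]`, `l["findtime"]` and `l["bantime"]` now go straight from the section config into `LogReader` and `Firewall`, with no range check in this hunk. LogReader is not shown, but if it discards failures older than findtime, a zero or negative value from a config typo would presumably mean no host ever reaches maxretry, which switches that section's protection off without any message. A guard before the objects are created would make this visible, for example `if l["findtime"] <= 0 or l["maxretry"] <= 0:` followed by a logged error and `continue`. The counting window passed to LogReader also changes from `banTime` to a 600-second default, so sites that set a longer bantime get a shorter window after upgrading, which deserves a line in the README or changelog. The `for` loop and main() continue outside the hunk.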